The first responsibility of a healthcare institution is to protect the health, legal rights and general welfare of its patients. Patients have specific legal rights to privacy concerning medical information. The media relations staff at St. Anthony's Medical Center are frequently required to balance the public's interest with this right to privacy, in accordance to HIPAA privacy regulations.
HIPAA privacy standards have specific provisions for the release of limited "directory" information. Directory information includes the patient's:
In order for members of the news media to receive information from the patient directory, the following must happen:
If the above conditions are met, general condition information may be provided, as long as it does not communicate specific information about the individual. Information such as a patient's age and nature and extent of injuries will not be provided. When accidents occur, the media should call the Media Relations Staff for a condition report. Reporters should obtain the patient's name from officials at the scene or through other means.
St. Anthony's Medical Center will use the following one-word descriptions of a patient's condition.
Media Note: The term “stable” should not be used as a condition. Furthermore, this term should not be used in combination with other conditions, except for those described above, because most conditions, by definition, often indicate a patient is unstable. With written authorization from the patient, a more detailed statement regarding a patient’s condition and injuries or illness can be drafted and approved by the patient or legal representative.
Minor children (under the age of 18) may have information released only with the consent of a parent or legal guardian, in accordance with the preceding guidelines.
The privacy regulations address situations where the opportunity to restrict the use or disclosure of directory information cannot be practicably provided because of an individual's incapacity or emergency treatment circumstance. In such a case, St. Anthony's may use or disclose an individual's directory information if the use and disclosure is consistent with a prior expressed preference of the individual, if any, that is known AND in the individual's best interest as determined by St. Anthony's, in the exercise of professional judgment.
Information may not be released in instances where releasing information about any patient associated with the commission of a crime or where the safety and security of both patients and hospital personnel may be jeopardized.
The release of any information concerning the HIV/AIDS status of a patient is prohibited under Missouri state law.
Patients admitted to an organized alcohol or drug-treatment program that receives any federal support are entitled to complete confidentiality, including whether they are in the program or not. Release of information about such patients must be accomplished in a specific manner established by federal regulations.
The death of a patient may be announced and/or confirmed by the Media Relations Staff after family has been notified and consent has been obtained. Reporters are encouraged to obtain this information from police departments.
Police reports and other information about hospital patients often are obtained by media. The claim is frequently made that once information about a patient is in the public domain, the media is entitled to any and all information about that individual. This is not true. Health care providers are required to observe the general prohibitions against releasing protected health information (PHI) about patients found in the HIPAA privacy standards, state statutes or regulations and the common law, regardless of what information is in the hands of public agencies or the public in general. Requests for PHI from the media on grounds that a public agency, such as law enforcement, is involved in the matter will be denied.
Emergency Medical Services
EMS units or ambulance services that provide health care services to patients are considered covered entities under HIPAA.
HIPAA is an acronym that stands for the Health Insurance Portability and Accountability Act of 1996, which was signed into law by President Bill Clinton in 1996. As part of the law, hospitals are required to implement patient information security and privacy standards. This requirement changed and limited the information that members of the media can obtain from hospitals about patients.
More information about HIPAA and the release of patient information by hospitals is available from the Missouri Hospital Association.